f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d | Triage

Submit
Reports

Overview

overview

8

Static

static

f0e7afae0a...7d.exe

windows7-x64

8

f0e7afae0a...7d.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d.exe

Resource

win7-20220812-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

General

Target

f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d
Size

36KB
MD5

4bff7554e2a3a51cd41e4e095ca74c2d
SHA1

7edfc92aa006b5e176e0d7c64d57a180d10a4a86
SHA256

f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d
SHA512

81a5c64db984db1c835e28e0ce803395f5abb3d68e4f38cc0a451a23c0152b9606a19dd832e9a1a98ffd4c73d240e2a6ccc5b68964f8456d47b7f2272118f6b4
SSDEEP

768:/TEh1pO5cfXVXnXR2tFF8tZckahegZ86:/iOgdnB2t8p9gZ86

Score

N/A

Malware Config

Signatures

Files

f0e7afae0a683578b03cfd95c6afe43a8c5b849435d39beeff0db666bdb0f47d
.exe windows x86

d0ebbc660bbad94503dd1240b6f3d0c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleFileNameA
ExitProcess
CloseHandle
WriteFile
CreateFileA
lstrcmpiA
lstrcpyA
FreeLibrary
lstrcmpA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetFileAttributesA
CreateThread
RtlUnwind
WinExec
CopyFileA
MoveFileExA
GetCommandLineA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetCurrentProcess
Sleep

user32

EnumChildWindows
GetForegroundWindow
GetWindowTextA
IsWindow
MessageBoxA
GetClassNameA
GetWindowLongA
SendMessageA

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegCloseKey
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA

shell32

ShellExecuteA

ws2_32

closesocket
WSAStartup
WSACleanup
inet_ntoa
gethostbyname
gethostname
inet_addr
htons
connect
socket

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy